CompTIA CASP+ (CAS-004) — Question 224
A security engineer is reviewing a record of events after a recent data breach incident that involved the following:
• A hacker conducted reconnaissance and developed a footprint of the company’s Internet-facing web application assets.
• A vulnerability in a third-party library was exploited by the hacker, resulting in the compromise of a local account.
• The hacker took advantage of the account’s excessive privileges to access a data store and exfiltrate the data without detection.
Which of the following is the BEST solution to help prevent this type of attack from being successful in the future?
Answer options
- A. Dynamic analysis
- B. Secure web gateway
- C. Software composition analysis
- D. User behavior analysis
- E. Stateful firewall
Correct answer: C
Explanation
The correct answer is C, Software composition analysis, as it helps identify and mitigate vulnerabilities in third-party libraries before they can be exploited. Other options, while useful, do not specifically address the risk associated with vulnerabilities in third-party components, making them less effective in this context.